Hello,
For the Aerogear iOS OAuth2 library, does it support cross-client authorization as documented here:
https://developers.google.com/identity/protocols/CrossClientAuth? I have a project configured in the Google Developers console with two OAuth2 client IDs. I'd like to have my iOS app send a token request that contains both client IDs (one in the client_id field and another in the audience field) and receive a token that has the server_code field which I would then send to my web app to get it's own refresh/access tokens. Example requests below.
Token request:
audience <web app client ID>.
apps.googleusercontent.comclient_id <iOS app client ID>.
apps.googleusercontent.comcode 4/qmOAPMYafdJ1Qs14o6wK9Ok_p4bhkzjab72wwLtLg5A
grant_type authorization_code
redirect_uri com.googleusercontent.apps.<iOS app client ID>:/oauth2callback
verifier 81803532
Token response:
access_token String ya29.NgL_Yz4eECZQR0aHbrYh5_A06Rif_dQYxBLXXZLm5OQiInwKGcKI8Nd2PhxLNtV-XzoQ
token_type String Bearer
expires_in Integer 3600
refresh_token String 1/4aumZ1PQ00zk4xrc4W-xgjMIHA1GnDtpmc17Fopx9-RIgOrJDtdun6zK6XiATCKT
server_code String 4/qz-ClSW_wudBxj5H7cCFhaNDYQQrtcytAokQje_XKf0 <---- NEW!
id_token String eyJhbGciOiJSUzI1NiIsImtpZCI6...
Best,
Michael Doo